CVE-2012-3569

VMware OVF Tool 2.1 - Remote Code Execution via Crafted OVF File

Exploitation Summary

EIP tracks 4 public exploits for CVE-2012-3569. PoCs published by Metasploit, Jeremy Brown, juan vazquez, including Metasploit module exploits/windows/browser/ovftool_format_string.

AI-analyzed exploit summary: This Metasploit module exploits a format string vulnerability in VMware OVF Tools 2.1 for Windows. It crafts a malicious OVF file that triggers the vulnerability when parsed, leading to arbitrary code execution.

Description

Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.

Exploits (4)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/24461

This Metasploit module exploits a format string vulnerability in VMware OVF Tools 2.1 for Windows. It crafts a malicious OVF file that triggers the vulnerability when parsed, leading to arbitrary code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VMware OVF Tools 2.1
No auth needed
Prerequisites: VMware OVF Tools 2.1 installed on Windows XP SP3
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/24460

This Metasploit module exploits a format string vulnerability in VMware OVF Tools 2.1 for Windows. It crafts a malicious OVF file to achieve remote code execution by leveraging a format string attack during error message parsing.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VMware OVF Tools 2.1 on Windows XP SP3
No auth needed
Prerequisites: Network access to the target system · Target system running VMware OVF Tools 2.1
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · NORMAL
by Jeremy Brown, juan vazquez · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ovftool_format_string.rb

This Metasploit module exploits a format string vulnerability in VMware OVF Tools 2.1 for Windows. It crafts a malicious OVF file with a format string payload to achieve remote code execution by overwriting the saved EBP and redirecting execution flow.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VMware OVF Tools 2.1 on Windows XP SP3
No auth needed
Prerequisites: Target must be running VMware OVF Tools 2.1 on Windows XP SP3 · Attacker must be able to serve a malicious OVF file to the target
devstral-2 · analyzed Feb 19, 2026

metasploit · WORKING POC · NORMAL
by Jeremy Brown, juan vazquez · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ovf_format_string.rb

This Metasploit module exploits a format string vulnerability in VMware OVF Tools 2.1 for Windows. It crafts a malicious OVF file that triggers the vulnerability when parsed, leading to arbitrary code execution via a controlled format string attack.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VMware OVF Tools 2.1 on Windows XP SP3
No auth needed
Prerequisites: VMware OVF Tools 2.1 installed on target system · Ability to deliver malicious OVF file to target
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/79922
Patch, Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2012-0015.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/87117
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/51240

Scores

EPSS 0.4772
EPSS Percentile 98.7%

Details

CWE: CWE-134
Status: published
Products (14)
vmware/ovf_tool 2.1
vmware/player 4.0
vmware/player 4.0.0.18997
vmware/player 4.0.1
vmware/player 4.0.2
vmware/player 4.0.3
vmware/player 4.0.4
vmware/workstation 8.0
vmware/workstation 8.0.0.18997
vmware/workstation 8.0.1
... and 4 more
Published: Nov 14, 2012
Tracked Since: Feb 18, 2026